<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<h2> ohrwurm包装说明</h2><p style="text-align: justify;"> ohrwurm是一个小而简单的RTP模糊器已在少数SIP电话的试验成功。产品特点： </p><ul><li>读取SIP消息以获得RTP端口号的信息</li><li>读取SIP可以通过提供RTP端口号被省略，sothat任何RTP通信可以模糊化</li><li> RTCP流量可以被抑制，以避免该编解码器</li><li>了解“吵行” </li><li>特别小心打破RTP处理本身</li><li> RTP有效载荷被模糊化以恒定的BER </li><li>误码率是可配置</li><li>需要arpspoof从dsniff做MITM攻击</li><li>既需要手机是在交换式局域网（GW操作仅适用于部分） </li></ul><p>资料来源：http://mazzoo.de/blog/2006/08/25#ohrwurm <br> <a href="http://mazzoo.de/blog/2006/08/25#ohrwurm" variation="deepblue" target="blank">ohrwurm首页</a> | <a href="http://git.kali.org/gitweb/?p=packages/ohrwurm.git;a=summary" variation="deepblue" target="blank">卡利ohrwurm回购</a> </p><ul><li>作者：马蒂亚斯·文策尔</li><li>许可：GPL第二版</li></ul><h3>包含在ohrwurm包工具</h3><h5> ohrwurm - RTP模糊器</h5><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="e4968b8b90a48f85888d">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# ohrwurm<br>
ohrwurm-0.1<br>
<br>
usage: ohrwurm -a &lt;IP target a&gt; -b &lt;IP target b&gt; [-s &lt;randomseed&gt;] [-e &lt;bit error ratio in %&gt;] [-i &lt;interface&gt;] [-A &lt;RTP port a&gt; -B &lt;RTP port b&gt;]<br>
<br>
    -a &lt;IPv4 address A in dot-decimal notation&gt; SIP phone A<br>
    -b &lt;IPv4 address B in dot-decimal notation&gt; SIP phone B<br>
    -s &lt;integer&gt; randomseed (default: read from /dev/urandom)<br>
    -e &lt;double&gt; bit error ratio in % (default: 1.230000)<br>
    -i &lt;interfacename&gt; network interface (default: eth0)<br>
    -t suppress RTCP packets (default: dont suppress)<br>
    -A &lt;port number&gt; of RTP port on IP a (requires -B)<br>
    -B &lt;port number&gt; of RTP port on IP b (requires -A)<br>
       note: using -A and -B skips SIP sniffing, any RTP can be fuzzed</code><h3> ohrwurm用法示例</h3><p>模糊化两个主机<b><i>（-a -b 192.168.1.123 192.168.1.15），</i></b>无论是在端口<b><i>6970（-A 6970-B 6970），</i></b>通过接口eth0的<b><i>（-i eth0的）：</i></b> </p><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="c8baa7a7bc88a3a9a4a1">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# ohrwurm -a 192.168.1.123 -b 192.168.1.15 -A 6970 -B 6970 -i eth0<br>
ohrwurm-0.1<br>
using random seed 2978455466</code><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
